<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<TITLE>Apache module mod_digest</TITLE>
</HEAD>

<!-- Background white, links blue (unvisited), navy (visited), red (active) -->
<BODY
 BGCOLOR="#FFFFFF"
 TEXT="#000000"
 LINK="#0000FF"
 VLINK="#000080"
 ALINK="#FF0000"
>
<!--#include virtual="header.html" -->
<H1 ALIGN="CENTER">Module mod_digest</H1>

This module is contained in the <CODE>mod_digest.c</CODE> file, and is
not compiled in by default. It is only available in Apache 1.1 and
later. It provides for user authentication using MD5 Digest
Authentication.


<MENU>
<LI><A HREF="#authdigestfile">AuthDigestFile</A>
</MENU>
<HR>


<H2><A NAME="authdigestfile">AuthDigestFile</A></H2>
<A
 HREF="directive-dict.html#Syntax"
 REL="Help"
><STRONG>Syntax:</STRONG></A> AuthDigestFile <EM>filename</EM><BR>
<A
 HREF="directive-dict.html#Context"
 REL="Help"
><STRONG>Context:</STRONG></A> directory, .htaccess<BR>
<A
 HREF="directive-dict.html#Override"
 REL="Help"
><STRONG>Override:</STRONG></A> AuthConfig<BR>
<A
 HREF="directive-dict.html#Status"
 REL="Help"
><STRONG>Status:</STRONG></A> Base<BR>
<A
 HREF="directive-dict.html#Module"
 REL="Help"
><STRONG>Module:</STRONG></A> mod_digest<P>

<P>The AuthDigestFile directive sets the name of a textual file containing
the list
of users and encoded passwords for digest authentication.
<EM>Filename</EM>
is the absolute path to the user file.</P>
<P>The digest file uses a special format. Files in this format can be
created using the "htdigest" utility found in the support/ subdirectory of
the Apache distribution.</P>

<HR>

<H3>Using Digest Authentication</H3>

<P>Using MD5 Digest authentication is very simple. Simply set up
authentication normally. However, use "AuthType Digest" and
"AuthDigestFile" instead of the normal "AuthType Basic" and
"AuthUserFile". Everything else should remain the same.</P>

<P>MD5 authentication provides a more secure password system, but only
works with supporting browsers. As of this writing (July 1996), the
majority of browsers do not support digest authentication. Therefore, we
do not recommend using this feature on a large Internet site. However, for
personal and intra-net use, where browser users can be controlled, it is
ideal.</P>

<!--#include virtual="footer.html" -->
</BODY>
</HTML>

